Google urged to tighten privacy after Street View WiFi scandal

Google has been urged by regulators to further tighten its privacy practices,
including better training for staff and clearer information for users about
how personal data is used, after an audit found room for improvement.

The watchdog said today that Google had taken “reasonable steps to improve its privacy policies” since details of the practice emerged in April last year.

“I’m satisfied that Google has made good progress in improving its privacy procedures following the undertaking they signed with me last year,” said Christopher Graham, the Information Commissioner.

He added that the audit was “not a rubber stamp” and that “all of the commitments they gave us have been progressed and the company have also accepted the findings of our audit report where we’ve asked them to go even further”.

Google has maintained that it collected the private data “inadvertently” after and engineering mistake in software designed to map the locations of WiFi networks, and agreed in October to delete the data and reform its privacy policies. In the ICO’s audit “reasonable assurance” is the second-highest of four levels of privacy assurance.

Related Articles

“The audit verified that Google have made improvements to their internal privacy structure, privacy training and awareness and privacy reviews,” the ICO document said.

“The audit provided reasonable assurance that these changes reduce, but do not eliminate, the risk of an incident similar to the mistaken collection of payload data by Google Street View vehicles occurring again.”

“While enhanced core training for engineers and other important groups has been developed and piloted, this needs to be fully rolled out as planned across Google.”

Other new measures required according to the ICO include a "privacy design document" for every Google product, and random internal spot checks that privacy policies are being followed.

Google has come under increasing pressure worldwide over its attitude to privacy online.

As well as the Street View controversy, which drew action by privacy regulators in the United States, German, South Korea and Australia, last year it angered users by launching its Buzz social network without obtaining proper permission to re-use Gmail data. Google was forced to agree top 20 years of privacy audits by the Federal Trade Commission as a result.

Privacy advocates have also been concerned by a series of statements by Eric Schmidt, Google’s executive chairman and until recently its chief executive. Asked about members of the public who were concerned about their photograph being published on Street View he suggested “you can just move, right?". He later said he “misspoke”.

Responding to the ICO’s audit today, Alma Whitten, Google director of privacy, said the audit "verifies the improvements we've made to our internal privacy structures, training programmes and internal reviews, and identifies some scope for continued work".

"We welcome their feedback on our progress, and we look forward to working with them to ensure that we continue to develop products that reflect strong privacy standards and practices," she added.